Lessons learnt from recent US Samsung data breach

Chad McDonald, CISO at Radiant Logic, shares his views on the importance of strong Identity Access Management principles after the Samsung US data breach.

Samsung recently confirmed it suffered a data breach which led to the personal information of customers being leaked online.

The company revealed that customer data had been compromised on 4 August, following an apparent security incident in the preceding weeks. It also said that an “unauthorized third party" had acquired information from some of Samsung’s US systems, including names, contact information, dates of birth and product registration details. However, no credit card numbers or social security numbers were breached.

A spokesman said in a statement: "Samsung detected the incident and has taken actions to secure the affected systems. As part of our ongoing investigation, we have engaged a leading outside cybersecurity firm and are coordinating with law enforcement. We are notifying customers to make them aware of this matter.

"At Samsung, we value the trust our customers place in our products and services – trust that we have built up over many years. This is why the security and privacy of our customers’ data is of the utmost importance to us, and our products and services are designed and built with this top of mind."

Failure to manage identity data 

Chad McDonald, CISO at Radiant Logic, says that for many organisations, breaches like this are the result of failing to manage identity data and implement strong Identity Access Management principles.

"It is extremely serious that an unauthorised user was able to get their hands on Samsung customers’ personal information," he said.

"Many organisations suffer from identity sprawl, where identity data is spread across different applications which cannot communicate with each other, which ultimately means that systems - and therefore data - is siloed. This poses a huge security risk, with siloed systems increasing the attack surface of an organisation and creating gaps for threat actors to exploit

"Heavily siloed systems result in organisations failing to build complete and accurate user profiles. Security teams then struggle to properly identify users and give them the correct access, ultimately leading to security breaches such as this one on Samsung.

"Organisations need an Identity Access Management solution which can unify and streamline their identity data to provide complete and accurate user profiles. With complete visibility over systems, security teams are then able to properly track who should be accessing what, therefore reducing the risk of a serious breach," he added. 

What is identity managament?

According to cybersecurity company, VMWare, Identity management (IdM), also known as identity and access management (IAM) ensures that authorised people – and only authorised people – have access to the technology resources they need to perform their job functions. It includes polices and technologies that encompass an organisation-wide process to properly identify, authenticate, and authorise people, groups of people, or software applications through attributes including user access rights and restrictions based on their identities.

An identity management system prevents unauthorised access to systems and resources, helps prevent exfiltration of enterprise or protected data, and raises alerts and alarms when access attempts are made by unauthorized personnel or programs, whether from inside or outside the enterprise perimeter.

Identity management solutions not only protect software and data access, they also protect the hardware resources in an enterprise, such as servers, networks, and storage devices from unauthorised access which could lead to a ransomware attack. Identity management has gained importance over the past decade due to the growing number of global regulatory, compliance, and governance mandates that seek to protect sensitive data from exposure of any kind.

IdM and IAM systems generally are part of IT security and IT Data management within the enterprise, and identity and access management tools are widely available for the broad range of devices that users rely on to perform business functions from phones and tablets to desktop computers running Windows, Linux, iOS or Android.


Featured Articles

AWS launches 2023 European Defence Accelerator for startups

AWS is launching its European Defence Accelerator, open to startups interested in doing business with defence and national security organisations

Gartner unveils top cybersecurity predictions for 2023-2024

Half of CISOs will formally adopt human-centric design practices into their cybersecurity programmes, while adoption of zero trust architecture will rise

DDoS protection market to grow amid increase in attacks

According to research by Cloudflare, DDoS attacks increased by 109% last year, with the last 12 months seeing some of the largest attacks the world

The impact data poisoning has on cyber and AI

Cyber Security

Five innovative ways AI can help prevent cyber attacks

Cyber Security

SailPoint delivers new non-employee risk management solution

Cyber Security